Skip to main content
TalkDoc is proud to announce $385K raised, led by Duro VCRead more

Security

Careful systems for sensitive information.

Mental-health information deserves thoughtful protection. TalkDoc uses safeguards designed to reduce risk, limits access by role and purpose, and explains where different privacy rules apply.

No online service can promise perfect security. This page describes our approach, not a certification or a guarantee that an incident can never happen.

Our approach

Protection should match the job.

We use administrative, technical, and organizational safeguards appropriate to the systems involved. Exact controls can differ by product and provider relationship.

Limit access

We aim to give people and systems access only when their work requires it, and to remove access when it is no longer needed.

Protect each workflow

Care, scheduling, billing, support, and AI do not all use the same systems. We choose safeguards for the information and purpose involved.

Review and respond

We assess vendors, monitor our systems, investigate reported issues, and follow applicable notice requirements when an incident occurs.

Where our patient AI runs

The AI assistant in your account runs in a sealed system.

When you message TalkDoc's AI assistant or use the patient AI companion in a visit, that work happens inside a locked-down environment we call IronEgg—a secure enclave whose memory is sealed off by the hardware itself. TalkDoc staff can't read what's processed inside it, and these conversations are not sent to outside AI companies. Before your device sends anything, it checks proof of exactly what software the enclave is running.

Hardware-sealed processing

The enclave runs on confidential-computing hardware (Intel TDX on Google Cloud Confidential Space) that isolates its memory from everyone—including the cloud provider and TalkDoc's own engineers.

Proof before data

Your device verifies a signed hardware attestation—a fingerprint of the exact code running—before sending anything. If the code doesn't match the version we've approved and pinned, nothing is sent.

Our own medical AI model

Answers come from a medically-tuned open model running inside the enclave itself. Your AI conversations aren't forwarded to third-party AI providers, and we don't use them to target ads.

Keys that die with the session

Requests are encrypted end-to-end to the enclave. Its decryption keys are generated fresh at every boot, live only in protected memory, and are destroyed on shutdown.

This applies to the AI assistant and the in-visit patient AI companion in your TalkDoc account. Other services (like scheduling, billing, phone check-ins, and some clinician note-drafting tools) run on standard HIPAA-covered systems with Business Associate Agreements in place. This page describes what is and isn't covered—ask us and we'll walk you through it.

Clear boundaries

One company. Different responsibilities.

Clinical care

Licensed clinicians deliver care. Their Notice of Privacy Practices explains how protected health information is used and disclosed in the clinical setting.

The TalkDoc platform

TalkDoc operates technology used for accounts, scheduling, communication, and related services. Our Privacy Policy explains how TalkDoc handles information in its different roles.

AI features

The patient AI assistant and the in-visit patient companion run inside the sealed enclave described above. Other AI features—like some clinician note-drafting tools—use standard HIPAA-covered systems under Business Associate Agreements, not the enclave. AI does not independently diagnose, prescribe, or replace the clinician responsible for care.

Your account

You are part of the protection.

  • Use a unique password and keep sign-in information private.
  • Sign out on shared devices and keep your device software current.
  • Tell us promptly if you notice unfamiliar account activity or a suspicious message.